Re: Compiling HostSentry
According to man utmp on potato I386, PII:

    # a) Size of utmp record (sizeof(struct utmp)) for your host. 384
    # b) Offset to tty field from beginning of record. 6
    # c) Length of tty field. 32
    # d) Offset to username field from beginning of record. 42
    # e) Length of username field. 32
    # f) Offset to hostname field from beginning of record. 74
    # g) Length of hostname field. 256

If you have the same config as me, then, I think you can use these values. Otherwise, you just have to write some C code to get the right answer. Like in:

    #include <stdio.h>
    #include <sys/types.h>   /* pid_t */
    #include <utmp.h>        /* struct utmp, UT_LINESIZE */

    int main()
    {
        printf("size of utmp struct: %zu\n", sizeof(struct utmp));
        printf("size of ut_type: %zu\n", sizeof(short));
        printf("size of pid_t: %zu\n", sizeof(pid_t));
        /* tty offset taken as the sum of the two field sizes above */
        printf("offset of tty name: %zu\n", sizeof(pid_t) + sizeof(short));
        printf("size of tty name: %d\n", UT_LINESIZE);
        /* printf(offset of username: [cut off here in the message] */
        return 0;
    }

Grégoire Welraeds
gregoire (at) welraeds (dot) be

On Sun, 24 Jun 2001, Stefan Srdic wrote:

> Hey,
>
> I've compiled and installed HostSentry on my Potato box. I installed it under the /etc/hostsentry directory. I was editing the configuration file and got stumped over a setting. HostSentry needs to know the format of wtmp.
>
> Here's a snip from the conf file:
>
> # The basic things needed are:
> #
> # a) Size of utmp record (sizeof(struct utmp)) for your host.
> # b) Offset to tty field from beginning of record.
> # c) Length of tty field.
> # d) Offset to username field from beginning of record.
> # e) Length of username field.
> # f) Offset to hostname field from beginning of record.
> # g) Length of hostname field.
> #
> # The format is formed like this:
> #
> # utmpRecordLength/ttyOffset:ttyLen/usernameOffset:usernameLen/hostnameOffset:hostnameLen
> #
> # For example on RedHat:
> #
> # utmp record size is: 384 bytes
> # tty entry offset is: 8 bytes
> # tty entry size from offset is: 32 bytes
> # username entry offet is: 44 bytes
> # username entry size from offset is: 32 bytes
> # hostname entry offset is: 76 bytes
> # hostname entry size from offset: 256 bytes
> #
> # This would be formed as 384/8:32/44:32/76:256
> #
> # NOTE: All of this garbage will hopefully go away on a future update when
> # I wrap native getutent() functions for Python.
> #
> # RedHat
> WTMP_FORMAT = 384/8:32/44:32/76:256
> # Slackware
> #WTMP_FORMAT = 56/8:12/28:8/36:16
> # BSD variants
> #WTMP_FORMAT = 36/0:8/8:8/16:16
>
> Where can I find this information? I've compiled this program before on Mandrake. The configuration was easy since I only had to follow the RedHat settings.
>
> I would like to get this program up and running. I want to learn how it works and then attempt to compile it into a deb package for unstable.
>
> I have this idea that if we can get logcheck, portsentry and hostsentry all compiled into deb packages that we could create an apt- script that would install the Abacus project all in one shot. It would be very useful for Debian sysadmins, and all apps could be launched via the same rc script.
>
> I would like to hear some of your answers and opinions please :-D
>
> Stef

-- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
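An added example (not from the thread and not HostSentry's code): it derives the WTMP_FORMAT string discussed above with offsetof(), which accounts for alignment padding between struct members that adding sizeof() values by hand does not, and then uses the string to pull the tty, user and host fields out of a constructed record. It assumes a Linux <utmp.h>; wtmp_format, wtmp_field and wtmp_selfcheck are names made up for this example.

```c
/* Added example, not HostSentry code; assumes a Linux <utmp.h>. */
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <utmp.h>
#define FLD(m) offsetof(struct utmp, m), sizeof(((struct utmp *)0)->m)

/* Build recLen/ttyOff:ttyLen/userOff:userLen/hostOff:hostLen for this host. */
int wtmp_format(char *buf, size_t n)
{
    return snprintf(buf, n, "%zu/%zu:%zu/%zu:%zu/%zu:%zu", sizeof(struct utmp),
                    FLD(ut_line), FLD(ut_user), FLD(ut_host));
}

/* Copy field idx (0 tty, 1 user, 2 host) from a raw record; -1 on a bad fmt. */
int wtmp_field(const char *fmt, const void *rec, size_t reclen,
               int idx, char *out, size_t outlen)
{
    size_t len, off[3], sz[3], n;
    if (sscanf(fmt, "%zu/%zu:%zu/%zu:%zu/%zu:%zu", &len, &off[0], &sz[0],
               &off[1], &sz[1], &off[2], &sz[2]) != 7 || idx < 0 || idx > 2 ||
        outlen == 0 || len != reclen || off[idx] > len || sz[idx] > len - off[idx])
        return -1;
    n = sz[idx] < outlen - 1 ? sz[idx] : outlen - 1;
    memcpy(out, (const char *)rec + off[idx], n);
    out[n] = '\0'; /* a full utmp field has no terminating NUL */
    return 0;
}

/* 1 if fmt recovers the fields stored in a constructed record, else 0. */
int wtmp_selfcheck(const char *fmt)
{
    static const char *want[3] = {"pts/0", "alice", "host.example"};
    struct utmp u = {0}; /* constructed sample, not a real login */
    char got[260];
    strncpy(u.ut_line, want[0], sizeof u.ut_line);
    strncpy(u.ut_user, want[1], sizeof u.ut_user);
    strncpy(u.ut_host, want[2], sizeof u.ut_host);
    for (int i = 0; i < 3; i++)
        if (wtmp_field(fmt, &u, sizeof u, i, got, sizeof got) || strcmp(got, want[i]))
            return 0;
    return 1;
}

int main(void)
{
    char fmt[64];
    wtmp_format(fmt, sizeof fmt);
    return puts(fmt) < 0 || !wtmp_selfcheck(fmt);
}
```

Compiled and run on the target host, it prints the string to put after `WTMP_FORMAT =`; the exit status is non-zero if that string does not recover the sample fields.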
nmap 2.12
Hello,

I have recently installed a basic potato on a PII. While playing around a little bit, I found that the provided nmap was only a 2.12 version. It is a rather old version of nmap (I have a 2.53 installed on a SuSE 6.3). Is there any known reason for this choice?

Grégoire Welraeds
gregoire (at) welraeds (dot) be
Re: Filesystem permissions
Hello,

IMHO, this is really not a good idea. For example, processes like X or mysql will need write access to /tmp. Also, user processes could need to have access to directories like /var/spool/mail (any MUA for example). Apache and man need access to the /var/cache directory. Some processes need access to /var/run (apache, proftpd,...). For a matter of security, daemons that need access to /tmp, /var, ... do not always run as root.

Furthermore, I don't see what the benefit of such a restriction is.

On Fri, 15 Jun 2001, Noah Meyerhans wrote:

> On Fri, Jun 15, 2001 at 02:16:21PM -0600, Stefan Srdic wrote:
>
>> For example, could I mount /proc, /var and /tmp so that only root can r/w to those filesystems? Also, how could I implement the same thing but to the /etc directory and subdirectories?
>
> Why do you want to? If nobody can read /proc then they can't run things like 'ps'. That's not a good thing. /etc is a similar case. Depending on your installation, it's quite likely that there are things in /etc that *need* to be readable by a normal user.
>
> Have you got something specific that you want to hide from your users? Do you really distrust them that much? I have had accounts on numerous public systems, including, for example, shell servers run by ISPs. Not once have I ever seen one that restricted read access to /proc or /etc.
>
> noah
>
> --
> Web: http://web.morgul.net/~frodo/
> PGP Public Key: http://web.morgul.net/~frodo/mail.html